Dateline Houston, Texas, to Linden, New Jersey: Colonial Pipeline's ransomware incident.
IT Security and Risk Experts Share Ransomware Insights in the Colonial Pipeline Attack (ISACA) In the aftermath of the Colonial Pipeline attack, global IT association and learning community ISACA polled more than 1,200 members in the United States and found that 84 percent of respondents believe ransomware attacks will become more prevalent in the second half of 2021.
Colonial-level cyberattack on trucking likely – but preventable (FreightWaves) The ransomware attack on Colonial Pipeline should serve as a wake-up call to the trucking and logistics sector, where companies keep getting targeted by hackers even though many incidents are preventable.
The Cybersecurity 202: Could less publicizing of ransomware fixes have prevented the Colonial Pipeline attack? (Washington Post) The first rule of blocking ransomware attacks is: Don’t talk about how you blocked ransomware attacks.
Attacks, Threats, and Vulnerabilities
From Wiper to Ransomware | The Evolution of Agrius (SentinelLabs) New threat actor Agrius engages in espionage and destructive attacks, masquerades as ransomware with custom backdoor, wiper and malware.
North Korean hackers behind CryptoCore multi-million dollar heists (BleepingComputer) Security researchers piecing together evidence from multiple attacks on cryptocurrency exchanges, attributed to a threat actor they named CryptoCore have established a strong connection to the North Korean state-sponsored group Lazarus.
Alleged North Korean hackers scouted crypto exchange employees before stealing currency, researchers say (CyberScoop) Suspected North Korean hackers have breached cryptocurrency exchanges in Japan, Europe, the U.S. and Israel in an effort to steal millions of dollars from the platforms in the last three years, according to a new private sector report.
Headphone and speaker maker Bose discloses ransomware attack (The Record by Recorded Future) Audio equipment manufacturer Bose said it was the victim of a ransomware attack that took place earlier this year, on March 7.
Japan’s Biggest Dating App Hack Exposes Two Million Accounts (Bloomberg) A leading Japanese matchmaking app was hacked, likely exposing the personal information of more than 1.7 million account holders, in the latest high-profile online attack.
Crime App Citizen Exposed Users' COVID Data (Vice) The data includes users' exposure to people with COVID, their self-reported test reports and symptoms, and sometimes their full name.
Tulsa Computer System Hacks Stopped by Security Shutdown (SecurityWeek) Most residents of Tulsa are being prevented from paying their water bills after the city shut down its computer network as a security measure following an attempted ransomware attack.
QNAP Says Recently Patched Flaw Exploited in Qlocker Ransomware Attacks (SecurityWeek) QNAP Systems has revealed that a vulnerability in its Hybrid Backup Sync software has been exploited in Qlocker ransomware attacks.
8.3 million plaintext passwords exposed in DailyQuiz data breach (The Record by Recorded Future) The personal details of 13 million DailyQuiz users have been leaked online earlier this year after a hacker breached the quiz builder's database and stole its content, which he later put up for sale.
High-Profile Hacks Leave Ransomware Gangs With Unwanted Publicity (Wall Street Journal) Ransomware groups may be trying to retreat from the spotlight—and preserve their business models—after high-profile attacks in recent weeks disrupted daily life in two countries and sparked widespread condemnation.
Not your grandmother’s ransomware (Security Magazine) To keep up with the ransomware of today, organizations must adopt a holistic approach to mitigating reputational risk.
Gardaí not aware of any stolen HSE data posted online (RTE.ie) Gardaí have said they are not aware of any data stolen from the HSE computer system having been posted online today.
Q&A: What do I do if scammers contact me after the HSE cyber attack? (The Irish Times) Gardaí warn fraudsters may contact public asking for money to secure hospital care
Help Is Not On the Way: Phishing Masquerading as COVID Relief (Avanan) SEGs that rely on allow or blocklists are playing an ever-increasing catchup game when it comes to catching phishing emails, including this attack missed by Mimecast.
Cybercriminals Use 3D Modeling Software for CARES Act Fraud (ZeroFOX) Throughout the pandemic threat actors have relied on 3D modeling software and KYC methods to conduct CARES Act fraud on unsuspecting victims.
Waikato DHB cyber attack: Email from alleged hackers claims computers 'cannot be fully restored without us' (Newshub) A group claiming to be behind the cyber attack on the Waikato DHB says "most" of the backups were deleted.
'It's very scary': Small banks quietly hit by ransomware attacks (American Banker) Hackers, including the group behind the breach at Colonial Pipeline, have posted convincing evidence that they have broken into the servers of community banks in Florida and California and stolen customers' data.
Bluetooth flaws allow attackers to impersonate legitimate devices (BleepingComputer) Attackers could abuse vulnerabilities discovered in the Bluetooth Core and Mesh Profile specifications to impersonate legitimate devices during the pairing process and launch man-in-the-middle (MitM) attacks.
Ongoing Bitcoin Scams Demonstrate Power of Social Engineering Triggers (SecurityWeek) Bitcoin scams have soared over the last seven months. The surge started around October 2020, and the scams are continuing today.
Hackers compromised parking payment app used at popular Houston destinations (impact) ParkMobile, a parking payment app available throughout Houston’s most popular destinations, was hacked in March, company leadership announced.
Scripps enters fourth week of ransomware attack (San Diego Union-Tribune) CEO says access to electronic medical records should be restored by week's end
Cohen Milstein says cyber incident may have affected 'small subset' of firm's data (Reuters) Cohen Milstein Sellers & Toll, a plaintiff-side complex litigation firm, experienced unauthorized access to its computer systems in January, according to a notice on its website. The firm said it investigated the incident and isn't aware of any misuse of information.
Security Patches, Mitigations, and Software Updates
Apple security updates (Apple Support) This document lists security updates for Apple software.
Apple fixes macOS zero-day abused by XCSSET malware (The Record by Recorded Future) Apple has released today security updates for several of its products, including a patch for its macOS desktop operating system that includes a fix for a zero-day vulnerability that has been abused in the wild for almost a year by the XCSSET malware gang.
Update Your Mac Now: Nasty Hack Breaks Apple Security To Take Sneaky Photos (Forbes) Apple Mac malware steals permissions of other apps to take screenshots and potentially pilfer files or spy on users via their webcam and microphone.
Vulnerability Summary for the Week of May 17, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.
Trends
The 10 most dangerous cyber threat actors (CSO Online) These are the most notorious global cybercriminal and state-sponsored groups according to security researchers.
Appsec Stats Flash (WhiteHat Security) The state of application security is rapidly evolving and there is a need for a more frequent analysis of the threat landscape.
State of Data Center Networking 2021 Annual Report (Pluribus Networks) What are the big trends in enterprise data center networks? How are enterprises investing in network innovation to enable their hybrid multi-cloud strategies?
5 Important Statistics About Third-Party Cloud Security (Panorays) Learn the 5 key findings that Panorays researchers discovered about how third parties manage their data with cloud services.
Introducing the PerimeterX Automated Fraud Benchmark Report (PerimeterX) The first PerimeterX benchmark report uncovers hidden trends and provides unique insights into automated fraud gleaned from billions of anonymized online interactions by real users and bots across hundreds of the world’s largest shopping sites.
4 Out Of 5 People Don’t Want Their Personal Data Collected or Shared Without Consent (Invisibly) 68% of respondents say data privacy is important to them. Invisibly surveyed 1247 people to learn how important data privacy is to them.
Marketplace
Sift to Acquire Chargeback, Providing Merchants With Complete Protection Against Payment Fraud (GlobeNewswire) Combined companies offer unified solution to defend against both true and friendly fraud
Tessian Raises $65M Series C to Advance Security at the Human Layer (RealWire) Lead investor March Capital has backed cybersecurity leaders CrowdStrike and KnowBe4; is joined by existing investors Sequoia, Accel. 25 May 2021 - SAN FRANCISCO. Human Layer Security company Tessia
XM Cyber Partners with Value-Added Distributor ITD Group to Address the Russian Market (PR Newswire) XM Cyber, the multi-award-winning leader in cyberattack path management, today announced that it has signed an agreement with Russia-based...
Cyber Insurance Firms Start Tapping Out as Ransomware Continues to Rise (Dark Reading) A global insurance carrier refuses to write new ransomware policies in France, while insurers rewrite policies. Are we heading toward a day when ransomware incidents become uninsurable?
Cyber Insurance: Higher Premiums, Limited Coverage (BankInfoSecurity) The increasing number of cyberthreats, especially ransomware attacks, is leading some cyber insurers to raise premiums and limit some coverage in hard-hit sectors,
Senserva Joins Microsoft Intelligent Security Association (MISA) (PR Newswire) Senserva, LLC, a leading Cloud Security provider that delivers Cloud Security Posture Management (CSPM) with enhanced visibility into Role and...
Huawei to move toward software development in wake of US restrictions (TheHill) Chinese telecommunications giant Huawei’s leadership is moving the company toward software development in the face of crippling pushback by many Western nations against use of the company’s hardware.
Strata Identity Appoints Industry Luminary Gerry Gebel to Lead Standards Initiatives (BusinessWire) Gerry will manage initiatives around new identity standards that enable interoperability, break lock-in, and promote flexibility for multi-clouds.
BakerHostetler’s DADM Practice Group expands in Dallas with the addition of Craig Carpenter (Southeast Texas Record) BakerHostetler announced today that Craig Carpenter has joined the firm as a partner in its Dallas office. Carpenter will serve as a member of the firm’s Digital Assets and Data Management (DADM) Practice Group in the Privacy Governance and Technology Transactions team, a press release states.
Open Systems snaps up new CEO from VMware Carbon Black (Security Brief) Haydon is tasked with building out Open Systems' cybersecurity platform and increasing the company's share of the managed security market.
Forcepoint Appoints Transformational Sales Leaders to Accelerate Global Growth of Data-first SASE Security (PR Newswire) Forcepoint, a global leader in data-first cybersecurity solutions that protect critical information and networks for thousands of customers...
Beyond Identity Appoints Tony Shadrake as EMEA Vice President (Beyond Identity) Company adds proven leadership in EMEA region to accelerate growth
Nuspire Appoints J.R. Cunningham to Chief Security Officer (PR Newswire) Nuspire, a leading managed security services provider (MSSP), today announced the appointment of industry veteran, J.R. Cunningham, as Chief...
Products, Services, and Solutions
Onfido announces Face Authenticate and enhanced security tools for its enterprise-grade Real Identity Platform (Onfido) Build trust and security – at onboarding and throughout the customer journey – while increasing revenue, thanks to a three-second, user-friendly authentication experience
Leading Dutch telephone retailer Belsimpel launches identity verification platform Verifai (Verifai) Telecom retailer Belsimpel launches its spin-off Verifai, a privacy-first identity service provider.
PDI Innovation Connects the Convenience and Petroleum Industry Ecosystem (PR Newswire) PDI (www.pdisoftware.com), a global provider of leading software to the convenience retail and petroleum wholesale industries, announced today...
StorCentric’s Retrospect Announces Retrospect Backup 18 with Ransomware Protection and Security Enhancements (PRWeb) Retrospect™, a StorCentric company, today announced the general availability of Retrospect Backup 18 and Retrospect Virtual 2021, featuring new ransomwar
New Privacy Compliance Product: Only Comprehensive Solution For Monitoring And Blocking Non-compliant Creatives In Real Time; Insulates Publisher Reputation And Liability (PR Newswire) In the race to further protect the $50-billion-plus programmatic advertising industry from bad actors, Confiant, on the fourth year anniversary...
One Identity Doubles Down on its Cloud-First Strategy, Delivering a Modular, Integrated Platform to Address Emerging Identity-Centric Security Requirements (One Identity) One Identity’s core PAM, IGA and Active Directory security solutions are now all available in SaaS models and ISO 27001 certified. This Cloud without Compromise vision delivers optimal flexibility to help organizations secure, manage and gover...
Quantum Xchange Completes Integration with Cisco to Enable Quantum-Safe Networking Equipment with No Key Delivery Limitations (PR Newswire) Quantum Xchange, a leader in quantum-safe products and services for crypto agility and quantum readiness, today announced that its key...
Tesserent tapped to resell Claroty OT security solutions (CRN Australia) Will be delivered through its analytics brand Rivium.
SailPoint Recognized as the 2021 Gartner Peer Insights Customers’ Choice for Identity Governance and Administration (Yahoo Finance) SailPoint Recognized as the 2021 Gartner Peer Insights Customers’ Choice for Identity Governance and Administration
Avast Partners with Generali Global Assistance (PR Newswire) Avast (LSE:AVST), a global leader in digital security and privacy, today announced a partnership with assistance and insurance provider,...
Technologies, Techniques, and Standards
Hackers could bring down our cities – here's how we stop them (The Lighthouse) Cyber security experts defend our vital infrastructure against a constant stream of cyber attacks – and a new ‘smart city’ model developed at Macquarie University is helping in their quest.
Cyber Hygiene Key to Protecting Networks in a Changing Online Environment (SIGNAL Magazine) Combating cyber adversaries is a broad area requiring significant amounts of human intelligence and a deep technical expertise to identify them.
Ransomware Defense Calls for Solid Fundamentals, Rigorous Enforcement (ISACA) Every 11 seconds, an employee will click on a link or open an attachment in a seemingly innocent email and his or her organization will be rapidly infected with ransomware.
How Should Directors Respond to the SolarWinds Attack (Law.com) This article is not about “who did what wrong” or “what nation-state commenced this attack.” It's really more about is, “if I am a Director, what should I be thinking about the SolarWinds attack?”
New Cyber Defense Toolkit For Emerging Threats To Civil Aviation (Aviation Week Network) Raytheon Intelligence and Space has developed solutions to the diverse and growing cyber threat landscape. The FAA's Next Generation Air Transportation System (NextGen), will modernize America's air transportation with interconnected air traffic control, making air travel safer and more efficient than ever.
Fight insurance fraud with cryptography (Digital Insurance) Specific forms of cryptography called privacy enhancing techniques may hold the key to battling insurance fraud by delivering the benefits of data collaboration without the risks of data sharing.
Design and Innovation
Quantum computers could crack today's encrypted messages. That's a problem (CNET) We'll likely see the top picks for safer, post-quantum encryption technology early in 2022.
Research and Development
IRS Wants Tools for Cracking Crypto Wallets (Nextgov.com) The agency’s Digital Forensics Unit wants to “tame the cybersecurity research into measured, repeatable, consistent digital forensics processes.”
Cobalt Iron Assigned Patent for Dynamic Authorization Control That Automatically Responds to Threats and Events (BusinessWire) Cobalt Iron has been granted a patent on its Cobalt Iron Compass technology for dynamic authorization control based on conditions and events.
Artificial Intelligence Is America’s Achilles Heel Against China (Bloomberg) Unless Big Tech, universities and the Pentagon can work together, China’s government-run approach will surpass U.S. efforts.
Academia
Alberta government orders suspension of new university research with links to Chinese government (Edmonton Journal) Alberta’s government is telling four universities in the province to stop seeking research projects that have any link to the Chinese government.
Universities turn to privileged access management as they adopt Essential Eight cybersecurity strategies (Security Brief) The education sector continues to be a key target for a cyber attack.
Legislation, Policy, and Regulation
In cyber, differentiating between state actors, criminals is a blur (Aerotech News & Review) Who's hacking U.S. networks? It's not an easy question to answer, defense leaders told lawmakers, as determining if a malicious cyber attacker is a foreign government, a cyber criminal or a cyber criminal supported by a foreign government is never clear.
Russia summons Colombian envoy over cyber attack accusations (Yahoo Finance) Russia's Foreign Ministry said on Monday it had summoned the Colombian ambassador to Moscow over accusations made by the Colombian defence minister about alleged "cyber attacks from Russia".
Russia’s Surveillance State Struggles to Wean Itself Off the West (Foreign Policy) Moscow’s facial recognition networks are quietly reliant on U.S. components—a headache for companies and policymakers alike.
Russia gives Google 24 hours to delete banned content (Reuters) Russia's communications watchdog on Monday gave Google (GOOGL.O) 24 hours to delete what it called prohibited content or be fined and said Moscow could eventually slow down the company's traffic in the country.
Russia determines measures to fight cybercrime (TASS) The work is in progress on legislation concerning the security of personal data, and classification of widely spread socially dangerous encroachments in the Internet as offences entailing criminal punishment
Visit to Twitter India offices part of 'routine process': Delhi Police (The Times of India) India News: Two Delhi Police teams on Monday went to Twitter India offices to serve notices in connection with the probe into the alleged 'Congress toolkit' matte
The Regulatory Risks Facebook Faces In India Could Shape The Future Of The Social Media Industry (Seeking Alpha) On February 25, the Ministry of Electronics & IT in India announced a new Digital Code of Ethics for social media companies.
Brazil announces digital currency guidelines (ZDNet) The plans to launch a digital real are part of the central bank's modernization agenda for the country's payments industry
Know This: Hack Attacks are Acts of ‘Unrestricted Warfare’ (The National Interest) The U.S. government must slash bureaucracy, foster improved cooperation, and treat hacking attacks as acts of war rather than isolated incidents.
Operating in the shadows: US Cyber Command (AFP (France 24)) If the Pentagon's Cyber Command launches an online attack and nobody knows about it, does it deter anyone?
Biden’s Cybersecurity Executive Order Could Change IT Security (Dice Insights) A 30-page executive order, signed by Biden and published May 12, looks to completely transform how federal agencies approach cybersecurity.
Executive Order on Improving US Cybersecurity: An Ambitious and Timely Call for a Broad Range of Cybersecurity Improvements (The National Law Review) On May 12, 2021, President Biden issued an executive order entitled Improving the Nation’s Cybersecurity (EO). The EO was released only days after the cyberattack impacting Colonial Pi
Recent cyberattacks revive calls for mandatory breach notification (CSO Online) Strong two-way communication between government and the private sector combined with a clear national breach notification policy will put a dent in cybercrime, experts say.
Regulatory Impasse within the Web-Scraping Industry (IPRoyal.com) Web scraping is the use of hi-tech data extraction methods that allows agencies to collect data from 3rd party web-sources efficiently. This data is often used for various purposes including Ad-targeting, Business Intelligence, Product Management, and Artificial Intelligence. However, due to its ubiquity and multi-platform approach, the regulation of the web scraping industry still hangs […]
Florida, in a First, Will Fine Social Media Companies That Bar Candidates (New York Times) The new law is a direct response to Facebook’s and Twitter’s suspensions of former President Donald J. Trump.
Litigation, Investigation, and Law Enforcement
Belarus journalist’s father says video confession carried out under duress (the Guardian) Raman Pratasevich, seized from diverted Ryanair flight, appeared to have been beaten, says father
Commerce Department security unit evolved into counterintelligence-like operation, Washington Post examination found (Washington Post) An obscure security unit tasked with protecting the Commerce Department’s officials and facilities has evolved into something more akin to a counterintelligence operation that collected information on hundreds of people inside and outside the department, a Washington Post examination found.
A Look at the Legal Consequence of a Cyber Attack (Legal Reader) Businesses are adapting as quickly as they can to online everything. But are they ready for the legal consequences of a cyber attack?
U.S. Government Asks Victims of 2017 EtherDelta Hack to Come Forward (SecurityWeek) The U.S. government is asking victims of the 2017 EtherDelta hack, in which at least $1.4 million worth of cryptocurrency was stolen, to come forward.
Apple and Epic lay it all on the table in final day of Fortnite trial (Protocol) The antitrust trial is now in the judge's hands after three weeks of courtroom testimony.
Department of Justice closes criminal investigation into Booz Allen Hamilton (FedScoop) The company said Friday that civil probes by the DOJ and SEC into its accounting practices are still pending.
US towns are buying Chinese surveillance tech tied to Uighur abuses (TechCrunch) Hikvision and Dahua are accused of supplying Beijing with technology it uses to surveil ethnic groups.
2020 and Beyond: Maricopa County CISO Talks Election Security (GovTech) 2020 saw the FBI, CISA and local governments collaborate more closely to keep elections secure. Building on these efforts and better engaging private companies and the public will help protect future elections, experts say.
Growing mystery of suspected energy attacks draws US concern (Associated Press) The Biden administration is facing new pressure to resolve a mystery that has vexed its predecessors: Is an adversary using a microwave or radio wave weapon to attack the brains of U.S. diplomats, spies and military personnel?
Goldberg Segalla Leaked Data Breach Plaintiff's Info: Suit (Law360) Goldberg Segalla LLP negligently exposed personal information belonging to a woman pressing a data breach suit against a modeling agency the law firm was representing by failing to properly redact a filing in support of its bid to dismiss that dispute, according to a lawsuit filed Monday in New York state court.
UK Prosecutor Says Email Fraud Case Belongs In US Court (Law360) A prosecutor argued to a London judge Monday that a British citizen accused of scamming American businesses, universities and government entities out of millions of dollars through elaborate email scams should be extradited to the United States.
Russian to be deported after failed Tesla ransomware plot (AP NEWS) A Russian man was sentenced Monday to what amounted to time already served and will be deported after pleading guilty to trying to pay a Tesla employee $500,000 to install computer malware at the company’s Nevada electric battery plant in a bid to steal company secrets for ransom.
Russian to be deported after failed Tesla ransomware plot (Washington Post) A Russian man was sentenced Monday to what amounted to time already served and will be deported after pleading guilty to trying to pay a Tesla employee $500,000 to install computer malware at the company’s Nevada electric battery plant in a bid to steal company secrets for ransom.
Threats by menacing clowns led DC police to surveil online accounts (the Guardian) Police records reveal that threats from social media users led to intensive surveillance of those participating in the clown craze